That contract is said to be for something called "private clouds"—a service that Amazon, to date, doesn't offer.

Amazon Web Services is the best-known example of cloud computing—a distributed set of powerful computing resources accessed over the Internet. A p ublic cloud, which is what Amazon offers, is when hardware is hosted in a service provider's data center, shared by all users, and rented on a per-usage basis. That shared equipment keeps prices low.

Private clouds make use of similar architecture, relieving programmers from having to worry about details of the hardware their programs run on, but the hardware involved is dedicated to a single customer's use. That's a critical distinction for security-minded customers.

Amazon's newly launched security service makes Amazon's public cloud far more secure. The service is called CloudHSM, where HSM stands for Hardware Security Module, explains Amazon's Jeff Barr on a blog post .

CloudHSM lets companies keep keys to encrypt data on Amazon's cloud. Even if a hacker gets at the data, the hacker can't read it without decrypting it. No one but the company has access to the keys—not even Amazon.

This allows companies to better protect their data even while using Amazon's public cloud.

Amazon has been steadily beefing up its security options to make its public cloud act more like a private one. The new CloudHSM service works with Amazon's Virtual Private Cloud service. The VPC still uses hardware hosted by Amazon, but adds extra security to make it behave more like a private data center.

Amazon's attempt to make its public cloud more private is important. If Amazon, the 800-pound gorilla of cloud computing, can convince enterprises that they don't need to build their own private clouds, that could hamper big cloud players like VMware, Citrix, IBM, and HP.